GDPR Compliance

Under the GDPR, Voice Scholar serves as both a data controller and a data processor:

• As a Data Controller:

  For the personal information you provide when creating an account, using our services, and interacting with our platform, we determine the purposes and means of processing this data.

• As a Data Processor:

  For the content you upload (such as lecture recordings), we process this data according to your instructions as outlined in our Terms of Service.

We take both roles seriously and have implemented appropriate technical and organizational measures to ensure data protection at all levels of our service.

Under GDPR, we must have a valid lawful basis for processing personal data. Depending on the specific context, we rely on the following lawful bases:

• Contractual Necessity:

  Processing your data is necessary for the performance of our contract with you to provide our services.

• Legitimate Interests:

  In some cases, we process data based on our legitimate interests, such as improving and securing our services, as long as these interests are not overridden by your rights and freedoms.

• Consent:

  Where required by law, we process data based on your specific, informed, and unambiguous consent, which you can withdraw at any time.

• Legal Obligation:

  In certain instances, we may need to process your data to comply with a legal obligation.

The GDPR provides you with several rights regarding your personal data. Voice Scholar is committed to facilitating the exercise of these rights:

• Right of Access (Article 15):

  You have the right to obtain confirmation as to whether personal data concerning you is being processed, and if so, access to that data and related information.

• Right to Rectification (Article 16):

  You have the right to have inaccurate personal data rectified and incomplete data completed.

• Right to Erasure / Right to be Forgotten (Article 17):

  Under certain circumstances, you have the right to request the deletion of your personal data.

• Right to Restriction of Processing (Article 18):

  You have the right to request the restriction of processing of your personal data in specific scenarios.

• Right to Data Portability (Article 20):

  You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit this data to another controller.

• Right to Object (Article 21):

  You have the right to object to the processing of your personal data in certain circumstances, including for direct marketing purposes.

• Right to Not be Subject to Automated Decision-making (Article 22):

  You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.

We've made it easy for you to exercise your GDPR rights:

For other GDPR requests or questions, please contact our Data Protection Officer at:

Email: dpo@voicescholar.com
Subject: GDPR Request - [Your Request Type]

Voice Scholar operates globally, which may involve transferring and processing your personal data outside the European Economic Area (EEA). Whenever we transfer your personal data outside the EEA, we ensure a similar degree of protection by implementing at least one of the following safeguards:

• Standard Contractual Clauses:

  We use specific contracts approved by the European Commission that provide the same level of protection for personal data as it has in Europe.

• Adequacy Decisions:

  We transfer data to countries or organizations that have been deemed to provide an adequate level of protection for personal data by the European Commission.

• Privacy Shield (when applicable):

  For transfers to the US, we may rely on certified frameworks that establish similar protections to those enjoyed in Europe.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

Voice Scholar implements data protection principles by design and default:

• Data Minimization:

  We collect only the personal data that is necessary for the specific purpose of providing our services.

• Purpose Limitation:

  We process personal data only for the specific purposes for which it was collected.

• Storage Limitation:

  We retain personal data only for as long as necessary to fulfill the purposes for which it was collected.

• Security Measures:

  We implement appropriate technical and organizational measures to ensure the security of personal data.

• Privacy Settings:

  Our platform includes privacy settings that allow you to control how your data is used and shared.

In the unlikely event of a personal data breach, Voice Scholar has procedures in place to:

• Detect and assess the breach promptly
• Notify the relevant supervisory authority within 72 hours, where feasible, if the breach is likely to result in a risk to individuals' rights and freedoms
• Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
• Document all breaches, including the facts, effects, and remedial actions taken